Ethical Hacking, Penetration Testing & Computer Security

Archive | Cryptography

So after the Heartbleed vulnerability in OpenSSL that turned the World upside down, there has a been a lot of focus on the codebase and the manner in which it was written. They’ve raised a bunch of money, an audit is underway and there has even been a fairly serious branch named LibreSSL (who are […]

Introduction So the Internet has been exploding this week due to the Heartbleed Bug in OpenSSL which effects a LOT of servers and websites and is being hailed by some as the worst vulnerability in the history of the Internet thus far. The main info on the bug can be found at http://heartbleed.com/. In basic […]

Somewhat similar to HashTag – Password Hash Type Identification (Identify Hashes) – which we posted about a while back, here we have hash-identifier or Hash ID. Once again this is a Python script created to identify types of hashes used to encrypt data and especially passwords. It supports a whole bunch of hashes such as […]

Bitcoin and other cryptocurrencies are pretty much headline news every day now, especially with the inflated values (Bitcoin over $1000 recently). We haven’t mentioned them for a long time though, back in 2012 we wrote about Hackers breaking into a Bitcoin Exchange Site called Bitcoinica. There have been plenty of Bitcoin related hacks since then, […]

So this is a pretty interesting acoustic based cryptanalysis side-channel attack which can crack 4096-bit RSA encryption. It’s been a while since we’ve seen anything hardware based, and RSA 4096 is pretty strong encryption, I wonder how they figured this one out. It makes sense though when you think about it, although I wouldn’t have […]

ike-scan discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern. ike-scan can perform the following functions: Discovery Determine which hosts in a given IP range are running IKE. This is done by displaying those hosts which respond to the IKE requests sent by ike-scan. Fingerprinting Determine which IKE implementation the hosts […]

HashTag.py is a Python script written to parse and identify the password hash type used. HashTag supports the identification of over 250 hash types along with matching them to over 110 hashcat modes (use the command line switch -hc to output the hashcat modes). It is also able to identify a single hash, parse a […]

Earlier this week we wrote about an Internet Explorer 0-day which used an in-memory drive by attack, which was pretty smart. Now another new type of malware (a backdoor in this case), this time targeting Linux known as Fokirtor. There is no real discussion of the exploit used to plant this backdoor (if it was […]

AxCrypt is the leading open source Windows file encryption software. It integrates seamlessly with Windows to compress, encrypt, decrypt, store, send and work with individual files. Personal Privacy and Security with AES-128 File Encryption and Compression for Windows 2000/2003/XP/Vista/2008/7. Double-click to automatically decrypt and open documents. Store strong keys on removable USB-devices. Features Password Protect […]

I’m pretty sure everyone has to send files to someone else online at some point, I’ve found myself having to do it quite often. And there’s always a quandary when it comes to sending something that is somewhat confidential. How do you secure it in transit? We generally have a few options – 1) Passworded […]